There's currently no way to check for valid auth tokens: This means custom authentication is difficult without reinventing the wheel - there's no way to know if a token matches.
var p = Spark.getPlayer();
We have a p.resetAuthTokens(), so this would be a perfect spot to validate an auth token.
It would check against the System player collection to see if it contains this auth token within the array.
It could be written it only a few lines of code -- it should simply return a bool.